mirror of
https://github.com/outline/outline.git
synced 2025-12-30 15:30:12 -06:00
a06671e8ce
This PR contains the necessary work to make Outline an OAuth provider including: - OAuth app registration - OAuth app management - Private / public apps (Public in cloud only) - Full OAuth 2.0 spec compatible authentication flow - Granular scopes - User token management screen in settings - Associated API endpoints for programatic access
30 lines
664 B
TypeScript
30 lines
664 B
TypeScript
import crypto from "crypto";
|
|
|
|
/**
|
|
* Compare two strings in constant time to prevent timing attacks.
|
|
*
|
|
* @param a The first string to compare
|
|
* @param b The second string to compare
|
|
* @returns Whether the strings are equal
|
|
*/
|
|
export function safeEqual(a?: string, b?: string) {
|
|
if (!a || !b) {
|
|
return false;
|
|
}
|
|
if (a.length !== b.length) {
|
|
return false;
|
|
}
|
|
|
|
return crypto.timingSafeEqual(Buffer.from(a), Buffer.from(b));
|
|
}
|
|
|
|
/**
|
|
* Hash a string using SHA-256.
|
|
*
|
|
* @param input The input string to hash
|
|
* @returns The hashed input
|
|
*/
|
|
export function hash(input: string) {
|
|
return crypto.createHash("sha256").update(input).digest("hex");
|
|
}
|